‘Zombie master’ pleads guilty to PC hijacking

In a landmark court case, a US man has pleaded guilty to hijacking more than 400,000 computers and using them to attack commercial websites and bombard internet users with spam email and pop-up ads.

On Monday, Jeanson Ancheta admitted hacking into computers and installing software enabling him to control them remotely. Prosecutors have accused him of creating a massive army of “zombie” computers, or “bots”, which he used to launch attacks against websites and to send out huge quantities of spam email.

To increase the size of his network of infected computers, Ancheta programmed his zombie machines to automatically scan the internet for further vulnerable machines.

The size of the zombie network controlled by Ancheta highlights the scale of the problem faced by websites subjected to so-called distributed denial-of-service (DDoS) attacks, which are designed to block legitimate traffic.

These attacks are often linked to attempts to extort money. Gambling sites, and others that rely on uptime (uninterrupted site availability) for revenue, are a particular target.

It is possible to counter a DDoS attack, says Mike Prettlejohn, of UK internet monitoring company Netcraft, by ignoring packets of data sent from unknown machines, or by filtering out packets that are not normally received. However, both techniques may result in blocking some legitimate web users. “That’s just part-and-parcel of the strategy,” Prettlejohn told New Scientist. “If a site is successfully DDoS-ed, then no one can get to it at all.”

Military networks

Ancheta has also admitted to causing pop-up advertising to appear on infected machines, in return for payment from advertisers. He has confessed to being paid $3000 in return for providing access to networks within his zombie network, selling networks of 10,000 machines on 30 different occasions.

Prettlejohn adds that creating zombie machines is becoming increasingly complex for hackers as software companies like Microsoft have improved their software maintenance policies. But he warns that hackers are also focusing on new techniques for spreading viruses and other forms of malicious code, such as malicious instant messaging programs.

Ancheta is accused of infecting computers at the Weapons Division of the US Naval Air Warfare Center in California and others used by the Defense Information Systems Agency in Virginia. In federal court in Los Angeles, he pleaded guilty to conspiring to violate the US Computer Fraud and Abuse Act and anti-spam laws, and to causing damage to US military computers.

In a deal with prosecutors, Ancheta agreed to plead guilty in return for a shorter sentence of between six and eight years in prison. He will appear before a US district judge for sentencing on 1 May. In addition to paying restitution to the US government, Ancheta has agreed to forfeit his ill-gotten gains, which include $60,000 in cash, a BMW luxury car, and assorted computer equipment.